dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
3435
Bandito
join:2003-01-23

Bandito

Member

I'm travelling, do I need a VPN?

I am about to do a bit of travelling. I've read all sorts of nasty things about using wifi hotspots and hotels where you information can easily be compromised.

I've seen suggestions on using OpenVPN, HideMyAss, and even Unotelly. The latter is the cheapest by far and they offer a three day free trial of their Unotelly VPNs. However, speeds are very slow with Unotelly. You get what you pay for.

In terms of security. I am really overwhelmed, confused, and frustrated. It was suggested to use OpenVPN. After visiting their website and forums, I throw my hands up in the air and said this is beyond me. No simple instructions there....at least not for what I want to do on a very short term basis.

I came across a good article but it doesn't tell me what to do. Here is the info below.
quote:
When choosing a networking protocol for your VPN, you need worry only about the four most popular ones. Here's a quick rundown, including the strengths and weaknesses of each.

Point-to-Point Tunneling Protocol (PPTP) is the least secure VPN method, but it’s a great starting point for your first VPN because almost every operating system supports it, including Windows, Mac OS, and even mobile OSs.

Layer 2 Tunneling Protocol (L2TP) and Internet Protocol Security (IPsec) are more secure than PPTP and are almost as widely supported, but they are also more complicated to set up and are susceptible to the same connection issues as PPTP is.

Secure Sockets Layer (SSL) VPN systems provide the same level of security that you trust when you log on to banking sites and other sensitive domains. Most SSL VPNs are referred to as "clientless," since you don't need to be running a dedicated VPN client to connect to one of them. They're my favorite kind of VPN because the connection happens via a Web browser and thus is easier and more reliable to use than PPTP, L2TP, or IPsec.

OpenVPN is exactly what it sounds like: an open-source VPN system that's based on SSL code. It's free and secure, and it doesn't suffer from connection issues, but using OpenVPN does require you to install a client since Windows, Mac OS X, and mobile devices don't natively support it.

In short: When in doubt, try to use SSL or OpenVPN. Keep in mind that some of the services highlighted in the next section don’t use these protocols. Instead, they use their own proprietary VPN technology.

Now, let's talk about how to create and connect to your own VPN. If you want simple remote access to a single computer, consider using the VPN software built into Windows. If you’d like to network multiple computers together quickly through a VPN, consider installing stand-alone VPN server software.

If you need a more reliable and robust arrangement (one that also supports site-to-site connections), consider using a dedicated VPN router. And if you just want to use a VPN to secure your Internet traffic while you're on public Wi-Fi hotspots and other untrusted networks—or to access regionally restricted sites—consider subscribing to a third-party hosted VPN provider.
If someone can share their insights on possible suggestions and how to set up a VPN on my mobile device and laptop, I would be most grateful.

»www.pcworld.com/article/ ··· day.html

Krisnatharok
PC Builder, Gamer
Premium Member
join:2009-02-11
Earth Orbit

Krisnatharok

Premium Member

I use HotSpotShield when I absolutely must use hotel wifi.

Most of the time I use EasyTetherPro via my 4G phone (technically is against policy but you keep the usage low and VZW doesn't care) to port my phone's data connection to my laptop.

dandeman
MVM
join:2001-12-05
Chapel Hill, NC

dandeman

MVM

I have the same security concerns when using motel/etc WiFi with my laptop on the road...

After reviewing a number of VPN services, I signed up for IPVanish. »www.ipvanish.com/?a_aid= ··· 9yWGrg.0

Very simple to use in that they provide a downloadable app that all you do is enter your IPVanish logon and password, choose the server location you want to use, and the application takes care of the rest of the setting changes.

It changes the IP settings on your machine for the secure L2TP connection, and when you disconnect and close the application, it sets your IP settings back to their original values..

Did a lot of reading about the different VPNs and this one was highly rated..

Very pleased with it, costs $70.00/year if you sign up for an annual subscription.
HELLFIRE
MVM
join:2009-11-25

HELLFIRE to Bandito

MVM

to Bandito
Depends WHAT you want to protect... and this was possibly answered to a degree in this thread.

I'd say it depends on your level of technical expertise, type of mobile device, and how much you're willing to invest
time and money-wise into this... just to warn, there is no "magical golden bullet" solution to this.

There's also some olde(er) threads in the VPN section of the forum for other VPN providers.

My 00000010bits.

Regards

Jocelyn
@unlimitednet.us

Jocelyn to Bandito

Anon

to Bandito
Actually, you can use the torch browser. The newest version has a built in VPN like extension that will allow you to access any site regardless of your location.
Expand your moderator at work
Bandito
join:2003-01-23

Bandito

Member

Re: I'm travelling, do I need a VPN?

Thanks everyone. It looks like dandeman's recommendation is a great one. Thank you! That VPN seems to be regarded very highly and performance hits in terms of speed seem to be light. Installation is supposed to be a breeze as well. I think I might try their service. I know in the past, Hotspot shield was very very slow. Not sure if they changed.

In terms of sniffers though, and I am not sure if anyone here knows the answer. If at a banking site, aren't passwords et al protected because banks, even on their own smartphone apps use SSL encryption making it *almost* unnecessary to use a VPN? Of course, nothing is 100% secure.

dandeman
MVM
join:2001-12-05
Chapel Hill, NC

4 edits

dandeman

MVM

Correct... Many sites involving financial transactions do use SSL which encrypts the transaction to take away the risk of intercepting/capture of your data with sniffers.. And of course, that's the prime benefit a VPN provides by encrypting your traffic end to end (at least to the VPN server anyway.)

The browser recommendation above puzzles me, in that without a companion VPN server service on the far end, how it can provide data stream encryption and thus any protection against sniffers on the shared access (wifi or other) network. With a program such as CommView »www.tamos.com/products/commview/ it can not only capture your entire data stream visible on a segment, but also will reconstruct the screens you are looking at via a public, non secure network segment.

I surf a lot of sites that do involve logon/passwords and I didn't want those compromised..

Correct on the excellent performance with IPVanish.. I use some commercial level network tracing software to look at the routes to various sites and latency of the routers in between to look at throughput over time. You can see on the same ISP supplier's network, paths to some locations are very good, and paths to other locations have terrible performance, due to congestion at certain points..

With the IPVanish ability to pick the far end VPN server location that you exit the VPN, you can in some cases actually improve the end to end performance, i.e. by having the ability to choose the destination point (VPN server) your ISP must get you to, and the VPN server's own access to the larger backbone.
HELLFIRE
MVM
join:2009-11-25

HELLFIRE to Bandito

MVM

to Bandito
said by Bandito:

If at a banking site, aren't passwords et al protected because banks, even on their own smartphone apps use SSL encryption

Yes and No. Yes, in that SSL is encrypted.

No, in that anyone with the SSL key can decrypt it. Don't think it's possible? Here's some articles on the subject

»wirewatcher.wordpress.co ··· vent-it/

»news.netcraft.com/archiv ··· row.html

I used to think SSL was immune to this stuff till I got my hands on gear that allowed you to load the SSL key used for
the traffic, then decrypt and read in realtime... fun times, but a small part of me want to reach for my tinfoil hat.

Also, be aware of WHERE the sniffer can be / is placed... on the banks, etc. backend you don't have visibility into,
and obviously not into the telco's central office -- guess how hard it is to put in a tap point for il/legitimate purposes?

Regards
WarBuxX9
join:2012-03-30
Livonia, MI

WarBuxX9 to Bandito

Member

to Bandito
Yes I would use a VPN. If you only need it for lite - moderate traveling I suggest getting a free VPN account. LiquidVPN offers a very nice one. You get access to one of their paid VPN servers.
»www.liquidvpn.com/free-v ··· account/
Bandito
join:2003-01-23

Bandito

Member

I tried hotspot shield for the iPhone over the weekend. they gave a free trial so I had nothing to lose.
I have to say I am glad I didn't pay to use HSS. Often you can't connect. And when you do, it often disconnects.

Performance is very poor. You get about a 60-70 or more percent speed reduction. App is buggy. at times it won't let you connect. its stuck in establishing connection. You need to keep on removing or renewing certificates. Even then it often won't work after you uninstall and reinstall the app. When it works it Often disconnects the VPN. It restarts itself as soon as you exit.

You select USA as the country but you're in the UK. Other times the closest server is on the other side of the country. You have access to only 2 countries: USA And UK.

Free trial was first 14 days at first now its 6 days they changed it. Yet still shows 14 on itouch Android monthly cost is 99cents according to the app info and It's much more stable on android. It actually works on android.

In addition, Hotspot shield has connectivity issues with pop gmail when accessing it via the native mail app. Google thinks you're a hacker and won't let you log in. The same with facebook. I had to use the native gmail app that you download. With facebook you need to go through their enhanced security verification.

Desktop version of hotspot often installs nasty toolbar that has to be installed or VPN won't work.

There are lots of complaints about this on iTunes. However, HSS often tags the reviews and has many of them removed.
Expand your moderator at work